# queries: security-extended,security-and-quality

    # If the analyze step fails for one of the languages you are analyzing with
    # "We were unable to automatically build your code", modify the matrix above

        case 3:
        case 4:
        case 5:
            /*
             * This code is only called if extended security is not on. This will
             * all be cleaned up an normalized in JCIFS 2.x.
             */
            throw new SmbException(
                "NTLMv2 requires extended security (jcifs.smb.client.useExtendedSecurity must be true if jcifs.smb.lmCompatibility >= 3)");
        }
        return null;

	VLD1.P	(R8)(R9.SXTX<<2), [V2.B16]                       // ERROR "invalid extended register"
	VLD1.P	(R8)(R9<<2), [V2.B16]                            // ERROR "invalid extended register"
	VST1.P	[V1.B16], (R8)(R9.UXTW)                          // ERROR "invalid extended register"
	VST1.P	[V1.B16], (R8)(R9<<1)                            // ERROR "invalid extended register"

-->
Fixes #

#### Special notes for your reviewer:

#### Does this PR introduce a user-facing change?
<!--
If no, just write "NONE" in the release-note block below.
If yes, a release note is required:
Enter your extended release note in the block below. If the PR requires additional action from users switching to the new release, include the string "action required".

                        || !msg2.getFlag(NtlmFlags.NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) ) ) {
                    throw new SmbUnsupportedOperationException("Server does not support extended NTLMv2 key exchange");
                }

                if ( !msg2.getFlag(NtlmFlags.NTLMSSP_NEGOTIATE_128) ) {
                    throw new SmbUnsupportedOperationException("Server does not support 128-bit keys");

The Gradle codebase has evolved over time and has a mixture of simple getter/setter methods, Provider API and things in between.  It can be hard to follow best practices because Gradle provided types are reused in unexpected ways and extended by third party plugins.

Given these constraints, we cannot always follow best practices.  This ADR proposes the way we should handle the use of Provider APIs in the gradle/gradle codebase.

## Decision

// governance bypass headers are set and user has governance bypass permissions.
// Objects in compliance mode can be overwritten only if retention date is being extended. No mode change is permitted.
func enforceRetentionBypassForPut(ctx context.Context, r *http.Request, oi ObjectInfo, objRetention *objectlock.ObjectRetention, cred auth.Credentials, owner bool) error {

    static final int ATTR_SYSTEM     = 0x04;
    static final int ATTR_VOLUME     = 0x08;
    static final int ATTR_DIRECTORY  = 0x10;
    static final int ATTR_ARCHIVE    = 0x20;

    // extended file attribute encoding(others same as above)
    static final int ATTR_COMPRESSED = 0x800;
    static final int ATTR_NORMAL     = 0x080;
    static final int ATTR_TEMPORARY  = 0x100;

    // access mask encoding

            case 3:
            case 4:
            case 5:
                /* This code is only called if extended security is not on. This will
                 * all be cleaned up an normalized in JCIFS 2.x.
                 */
                throw new SmbException("NTLMv2 requires extended security (jcifs.smb1.smb1.client.useExtendedSecurity must be true if jcifs.smb1.smb1.lmCompatibility >= 3)");
        }

				if strings.HasSuffix(hdr.Name, "/") {
					hdr.Typeflag = TypeDir // Legacy archives use trailing slash for directories
				} else {
					hdr.Typeflag = TypeReg
				}
			}

			// The extended headers may have updated the size.
			// Thus, setup the regFileReader again after merging PAX headers.
			if err := tr.handleRegularFile(hdr); err != nil {
				return nil, err
			}